My buddy Bruce forwarded me the message below and asked if I thought it was a phishing scam? For those of you who are unaware of the term “phishing scam”, what it means is that someone sends you an email that appears to be a legitimate email from a company or organization that you’re doing business with. Usually the email is worded in a way that they want you to click/tap on a link so that you can go to a website and provide them the information that they are requesting. They will in turn either use and/or sell this information and compromise your identity, credit cards, etc. Well after receiving more of these than I can count it’s usually easy to identify them at first glance. I’ll give you some dead give-aways that should make you cautious when you get an email that is asking you for information:
Now at first glance, the email above may look pretty convincing. After all they used an Apple logo and they are giving you a sense of urgency because your account is “frozen”. But if you look closely you can see some clear signs that this is NOT a legitimate email. By the way before we even point out the five things I should tell you that most modern phishing scams will attempt to scare you into action by telling you that your account is frozen, deactivated, locked, etc. Or they will send you a bill from say Verizon that’s $2,500 for one month’s worth of phone service so that you’ll panic and click to login and clear it up. Don’t be frightened into a panic and even if you are frightened, use your browser and login to your account the way you always do. DON’T CLICK THE LINK IN THE EMAIL!
OK, this one is actually full of things that give it away as a fake.
1. The first dead giveaway is simply the return address. Apple and most major companies don’t use a domain that is not their own for their corporate communications. Apple isn’t going to use “altervista.org!” Sorry, no way, no how.
2. Most companies you do business with know your name. Therefore they aren’t going to address you as “Dear iTunes customer”. They would say “Dear Terry” (only if your name is Terry).
3. Misspellings or getting the product name wrong is another sign. It’s “Your iTunes” Not “Your itunes”. Apple would have NEVER used a lower case “t” in iTunes.
4. This is probably the one that I check first and is the easiest way to know it’s a scam. Where does the link go that they are asking you to click/tap on? If you’re an Apple Mail user on the Mac you can just hover your mouse over the link (don’t click it) and it will reveal where the link is going to take you. In this particular scam as you can see below the link takes you to a goo.gl link. Um, sorry but Apple wouldn’t do that. I would bet money that every real Apple email is going to take you to a “apple.com” site.
On the iPad, iPhone and iPod touch the built-in Mail app will show you the same info by simply holding your finger down on the link:
5. Another easy one, but sometimes less obvious is simply bad grammar or bad punctuation. In this case there were two periods after the last sentence and no comma between Apple, Inc.
By now you can see just how easy it was to detect this phishing scam. However there were a couple bonus clues that made me suspicious:
6. That iTunes logo just looks old. Granted most people will not always be up to date on a particular company’s branding style, but I think that logo has been retired or at least that version of it. It was actually the first thing that caught my eye when he forwarded me the email. Even if it were or is current there would probably be a trademark symbol after it.
7. The last bonus one is again something that most people will not know, but it surprised me because it was an easy one for the scammer not to get wrong. Apple’s headquarters are located in Cupertino, California. Not San Jose. Again, I wouldn’t expect the average person to know where each company they do business with is located, but for a company as high profiled as Apple it was another clue that something wasn’t right about this email.
Even without 6 and 7 and it was easy to detect a phishing scam here. I hope that these clues will help you in the future. Also whenever someone is requesting your information the safest thing to do is to NOT click the link. Either login the way you you always do or call them on the number you always use.